UK Biobank volunteers’ genetic, health and lifestyle information is listed for sale on Alibaba website as world-leading science project is suspended, the Government has confirmed
Half a million Brits have had their personal health and genetic data listed for sale on a Chinese website.
The Government has launched an investigation and called the breach from the pioneering UK Biobank project an “unacceptable abuse” of its data.
Volunteer participants have for two decades contributed DNA samples as well as personal information to create the world’s most comprehensive dataset of biological, health and lifestyle information.
Technology minister Ian Murray said the data was found listed for sale on the website Alibaba after it had been legitimately downloaded by three research institutions in China which have since had their access revoked.
READ MORE: Inside world’s biggest mega lab going to war on disease filled with 500,000 human samplesREAD MORE: China to access NHS medical records of 500,000 patients despite MI5 fears
Speaking in the House of Commons, Mr Murray said: “The UK Biobank charity informed the Government that it had identified their data had been advertised for sale by several sellers on Alibaba e-commerce platforms in China.
“Biobank told us that in three listings that appeared to sell… Biobank participation data had been identified. At least one of these three data sets appear to contain data from all 500,000 UK Biobank volunteers.”
UK Biobank says it removes personal identifying information such as names and addresses on all volunteers before giving scientists access to the data. This means details including names, addresses, dates of birth and NHS numbers are not contained in the data.
Universities and pharmaceutical firms can apply to access the anonymised data but must demonstrate a specific purpose, such as understanding why a disease develops or to create a new drug to treat it.
Ministers have been told that no purchases were made from the three listings on the website which have been taken down. Mr Murray thanked the Chinese Government for their co-operation.
However, the minister said he could not give a complete guarantee that nobody could be identified, but said it would likely only be done so through a “very advanced way” of piecing together different datasets.
provided around 10,000 forms of information from whole genome sequencing and saliva, blood and urine samples, to regular dietary surveys, cognitive tests, stress levels, FitBit readings and their full medical histories.
The largest such project in the world is now revealing unprecedented insights into human health as participants recruited in middle age begin to fall ill and die. Scientists are applying for permission to carry out research into why certain people develop diseases such as dementia, cancers and Parkinson’s – and others do not.
Those joining UK Biobank were between 40 and 69 years of age when they joined the study between 2006-2010. Data from it has been cited in more than 18,000 peer-reviewed scientific papers.
The UK Biobank has temporarily closed access to the research platform. A statement from the charity’s chief executive and principal investigator Sir Rory Collins apologised to volunteers and said: “We apologise to our participants for the concern this will cause, and we hope to provide reassurance by outlining the serious actions we are taking in response. Your personally identifying information in UK Biobank is safe and secure.
“Listings offering access to UK Biobank data (which did not contain any personally identifying information) were found on a Chinese consumer website. These listings were swiftly removed before any purchases were made. We are putting in place additional security measures to prevent this happening again. We will conduct a comprehensive investigation into this incident.”
Prof Elena Simperl, of the department of informatics at King’s College London, said: “Initiatives like UK Biobank are absolutely essential to driving innovation across the health and life sciences ecosystem. What happened here was an infrastructure problem, not the result of a complex cyber-attack.
“Too often, the costs of maintaining infrastructure for flagship data stewardship projects like this are treated as an afterthought. The UK has built something remarkable, but we need to keep investing in keeping it safe.”
